# This is a basic playbook
- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=nagios"

- name: make the box be real
  hosts: nagios
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"

  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - { role: openvpn/client, when: env != "staging" }
  - ipa/client
  - collectd/base
  - { role: rsyncd, when: datacenter == 'iad2' }
  - sudo
  - mod_wsgi
  - role: keytab/service
    owner_user: apache
    owner_group: apache
    service: HTTP
    host: "nagios{{env_suffix}}.fedoraproject.org"
    when: datacenter == 'iad2'
  - role: keytab/service
    owner_user: apache
    owner_group: apache
    service: HTTP
    host: "nagios-external{{env_suffix}}.fedoraproject.org"
    when: datacenter != 'iad2' 
  - { role: letsencrypt, site_name: 'nagios-external.fedoraproject.org', when: inventory_hostname.startswith('noc02') }

  tasks:
  - import_tasks: "{{ tasks_path }}/motd.yml"

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

- name: deploy service-specific config (just for production)
  hosts: nagios
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

  roles:
  - { role: dhcp_server, when: datacenter == 'iad2' }
  - { role: tftp_server, when: datacenter == 'iad2' }
  - { role: nagios_server }

  tasks:
  - name: install some packages which arent in playbooks
    package:
      state: present
      name:
        - nmap
        - tcpdump
